• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.6
• /
• pp.33-42
• /
• 2010

With the emergence of increasingly complex networks and diverse user terminals, demand for the next generation IPTV service is rapidly growing. It enables any content to seamlessly be reused on the diverse terminals as well as be broadcasted in real-time through the complex networks. In this paper, a novel security framework is proposed for the real-time and reusable IPTV services. The proposed framework is advantageous over the conventional content protection techniques in easily producing the scalable content with lightweight, perceptual, transcodable, and adjustable security features. It does not only ensure end-to-end security over the entire service range based on a single security mechanism, but also can control a level of security while dynamically transcoding the original content. This approach basically performs selective encryption during and after the compression using scalable video coding. The suitability of the proposed approach is demonstrated through experiments with a practical service scenario. Therefore, it is expected that security technology alone could practically contribute to creating new business opportunities for IPTV services.

• KNOM Review
• /
• v.22 no.2
• /
• pp.22-28
• /
• 2019

A Science DeMilitarized Zone (DMZ) is an optimized network technology tailored to research data nature. The Science DMZ guarantees end-to-end network performance by forming a closed research network without redundant networking and security devices for the authorized researchers. Data Transfer Node (DTN) is an essential component for the high performance and security of the Science DMZ, since only transfer functions of research data are allowed to the DTN without any security- and performance-threatening functions such as commercial internet service. Current Science DMZ requires per-user DTN server installation which turns out a scalability limitation of the networks in terms of management overhead, entry barrier of the user, and networks-wise CAPEX. In order to relax the aforementioned scalability issues, this paper suggests a centralized DTN design where end users in a group can share the centralized DTN. We evaluate the effectiveness of the suggested sharable DTN design by comparing CAPEX against to that of current design with respect to the diverse network load and the state-of-the-art computing machine.

• Journal of Information Processing Systems
• /
• v.16 no.2
• /
• pp.377-393
• /
• 2020

Freight management systems require a new business model for rapid decision making to improve their business processes by dynamically analyzing the previous experience data. Moreover, the amount of data generated by daily business activities to be analyzed for making better decisions is enormous. Online-to-offline or offline-to-online (O2O) is an electronic commerce (e-commerce) model used to combine the online and physical services. Data analysis is usually performed offline. In the present paper, to extend its benefits to online and to efficiently apply the big data analysis to the freight management system, we suggested a system architecture based on O2O services. We analyzed and extracted the useful knowledge from the real-time freight data for the period 2014-2017 aiming at further business development. The proposed system was deemed useful for truck management companies as it allowed dynamically obtaining the big data analysis results based on O2O services, which were used to optimize logistic freight, improve customer services, predict customer expectation, reduce costs and overhead by improving profit margins, and perform load balancing.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.3
• /
• pp.545-550
• /
• 2018

Ultra-lightweight block cipher CHAM, consisting of simple addition, rotation, and eXclusive-or operations, enables the efficient implementations over both low-end and high-end Internet of Things (IoT) platforms. In particular, the CHAM block cipher targets the enhanced computational performance for the low-end IoT platforms. In this paper, we introduce the efficient implementation techniques to minimize the memory consumption and optimize the execution timing over 8-bit AVR IoT platforms. To achieve the higher performance, we exploit the partly iterated expression and arrange the memory alignment. Furthermore, we exploit the optimal number of register and data update. Finally, we achieve the high RANK parameters including 29.9, 18.0, and 13.4 for CHAM 64/128, 128/128, and 128/256, respectively. These are the best implementation results in existing block ciphers.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.8 no.4
• /
• pp.781-787
• /
• 2007

Network Mobility (NEMO) basic support protocol doesn't execute the process of route optimization and has not presented the particular security mechanism in other blocks except hi-directional tunnel between Mobile Router (MR) and its Home Agent (HA). Therefore in this paper we process secure route optimization courses through authenticated binding update protocol between MR and its Correspondent Node (CN) and the protocol of the competency of mandate between MR and its Mobile Network Node (MNN); its block also uses an bi-directional tunnel as the block between MR and its HA. The address of each node are generated by the way of Cryptographically Generated Address (CGA) for proving the ownership of address. Finally we analyze the robustness of proposed protocol using security requirements of MIPv6 and existing attacks and the efficiency of this protocol using the connectivity recovery and end-to-end packet transmission delay time.

• Convergence Security Journal
• /
• v.16 no.5
• /
• pp.41-48
• /
• 2016

In this paper we propose a new method of security visualization, VisFlow, using traffic flows to solve the problems of existing traffic flows based visualization techniques that were a loss of end-to-end semantics of communication, reflection problem by symmetrical address coordinates space, and intuitive loss problem in mass of traffic. VisFlow, a simple and effective security visualization interface, can do a real-time analysis and monitoring the situation in the managed network with visualizing a variety of network behavior not seen in the individual traffic data that can be shaped into patterns. This is a way to increase the intuitiveness and usability by identifying the role of nodes and by visualizing the highlighted or simplified information based on their importance in 2D/3D space. In addition, it monitor the network security situation as a way to increase the informational effectively using the asymmetrical connecting line based on IP addresses between pairs of nodes. Administrator can do a real-time analysis and monitoring the situation in the managed network using VisFlow, it makes to effectively investigate the massive traffic data and is easy to intuitively understand the entire network situation.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.3
• /
• pp.1330-1347
• /
• 2018

Mobile Ad hoc Network (MANET) is a collection of nodes or communication devices that wish to communicate without any fixed infrastructure and predetermined organization of available links. The effort has been made by proposing a scheme to overcome the critical security issue in MANET. The insufficiency of security considerations in the design of Ad hoc On-Demand Distance Vector protocol makes it vulnerable to the threats of collaborative black hole attacks, where hacker nodes attack the data packets and drop them instead of forwarding. To secure mobile ad hoc networks from collaborative black hole attacks, we implement our scheme and considered sensor's energy as a key feature with a better packet delivery ratio, less delay time and high throughput. The proposed scheme has offered an improved solution to diminish collaborative black hole attacks with high performance and benchmark results as compared to the existing schemes EDRIAODV and DRIAODV respectively. This paper has shown that throughput and packet delivery ratio increase while the end to end delay decreases as compared to existing schemes. It also reduces the overall energy consumption and network traffic by maintaining accuracy and high detection rate which is more safe and reliable for future work.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.322-327
• /
• 2001

전자상거래의 활성화는 인터넷을 통한 금융거래를 보편화시켰고, 안전한 금융거래를 제공하기 위한 보안 프로토콜과 서비스가 지속적으로 개발되고 있다. 이러한 기술적 발전을 바탕으로 무선단말기를 통한 금융거래 서비스에 대한 관심이 높아지고 있다. 본 논문에서는 전용패킷교환방식의 무선데이터통신 환경 아래에서 전용 단말기를 이용한 금융거래에 필요한 인증 및 데이터 보호 등을 제공하는 프로토콜과 운영방안을 제안한다. 제안하는 프로토콜에서는 단말기와 인증서버 사이의 키 공유를 위하여 password-based protocol과 ANSI X9.17을 사용하는 키 운영방안을 제시하고, 가입자 id와 비밀번호에 근거한 인증절차와 전송 데이터 암호화를 통한 안전한 금융거래를 제공한다. 또한, 무선 Gateway에 의한 보안 제어가 아닌, End-to-End의 보안 서비스를 제공함으로, 그 신뢰성을 높이도록 설계되었다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.10a
• /
• pp.215-218
• /
• 2003

In this paper, we propose a protocol both allow a End-to-End security between user and service provider and independent in mobile Internet platform in AIP. In particular, our proposed protocol generates a session key using Weil pairing by ID-based public key system. We analysis a security and efficient of protocol when on-line certification authority participates in authentication process.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.5
• /
• pp.1171-1177
• /
• 2010

Recently RFID system is used in various fields such as distribution industry, medical industry and military service. The technology for protecting individual privacy is necessary to adapt RFID system in several applications. This paper proposes an authentication protocol which conducts mutual authentication between back-end database and tag using hash function. The proposed protocol satisfies various RFID security requirements : mutual authentication, anonymity, confidentiality, integrity, replay attack, location trace. This protocol reduces the time for authentication minimizing the number of hash operation in back-end database.